Friday, August 20, 2021

How are you guys managing switchport and VLAN settings from Ansible or similar orchestrators?

I've got around 200 IOS switches and routers that I'm managing through Ansible. At this point I've got almost all of the global settings managed. This includes TACACS, RADIUS, logging, domain name, NTP, SNMP, etc.

But what I can't figure out is how to manage the VLAN settings on individual switchports from Ansible in a way that is easier than just doing it on the switch itself.

The first thing that comes to mind is that I could have a host_vars file per switch stack with the VLAN IDs, a default VLAN ID for the "most used" VLAN, and a list of switch ports that need to get assigned to the other VLANs. But this just seems really cumbersome.

Also, our switchport assignments are completely random. So I can't say, as a policy, "all switchports 40-48 are for IoT" or something to that effect. The assignments are just all over the map from technicians at the various offices just plugging things into the first switchport they see.

So I'm wondering, for those of you that have gotten to the point where you manage your switches 100% from Ansible or something similar - how do you manage switchport VLAN assignments?
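The per-stack host_vars layout described in the post (a default VLAN plus lists of ports that deviate from it), shown as an added example that is not part of the original post. The key names (`vlans`, `default_vlan`, `port_count`, `exceptions`), the `Gi<member>/0/<n>` naming and the sample values are assumptions made for illustration. It expands the compact data into a per-port map and rejects ports listed twice, unknown ports and undefined VLANs before anything is rendered.

```python
import re

# Constructed sample of the per-stack host_vars data (hypothetical key names).
HOST_VARS = {
    "vlans": {10: "USERS", 20: "VOICE", 30: "IOT"},
    "default_vlan": 10,                 # the "most used" VLAN
    "port_count": {1: 8},               # stack member -> number of access ports
    "exceptions": {20: ["Gi1/0/2-3"], 30: ["Gi1/0/7"]},
}

_PORT = re.compile(r"^(?P<prefix>[A-Za-z]+\d+/\d+/)(?P<lo>\d+)(?:-(?P<hi>\d+))?$")

def expand(spec):
    """Expand 'Gi1/0/2-3' into ['Gi1/0/2', 'Gi1/0/3']; single ports pass through."""
    m = _PORT.match(spec)
    if not m:
        raise ValueError(f"bad port spec: {spec!r}")
    lo = int(m["lo"])
    hi = int(m["hi"] or lo)
    if hi < lo:
        raise ValueError(f"descending range: {spec!r}")
    return [f"{m['prefix']}{n}" for n in range(lo, hi + 1)]

def port_vlan_map(hv):
    """Return {interface: vlan_id} for every access port on the stack."""
    if hv["default_vlan"] not in hv["vlans"]:
        raise ValueError("default VLAN is not defined")
    # Assumption: all access ports are named Gi<member>/0/<n>.
    ports = {f"Gi{member}/0/{n}": hv["default_vlan"]
             for member, count in hv["port_count"].items()
             for n in range(1, count + 1)}
    seen = {}
    for vlan, specs in hv["exceptions"].items():
        if vlan not in hv["vlans"]:
            raise ValueError(f"VLAN {vlan} is not defined")
        for port in (p for spec in specs for p in expand(spec)):
            if port not in ports:
                raise ValueError(f"{port} does not exist on this stack")
            if port in seen:
                raise ValueError(f"{port} listed under VLAN {seen[port]} and {vlan}")
            seen[port] = ports[port] = vlan
    return ports

def render(hv):
    """Render IOS access-port configuration lines from the per-port map."""
    lines = []
    for port, vlan in port_vlan_map(hv).items():
        lines += [f"interface {port}", " switchport mode access",
                  f" switchport access vlan {vlan}"]
    return "\n".join(lines)
```

The same function body could back a custom Ansible filter, so the host_vars file stays compact while templates iterate over the expanded map.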


